cancel
Showing results for 
Search instead for 
Did you mean: 
Post a Question

certificate for https-inspection

Good day! I need to replace SHA-1 certificate on SHA-256 certificate for https-inpection o CheckPoint. Can I manually create the certificate file with SHA-256 algorithm in GaiA for https-inspection? Which type of certificate should I create in Linux that I can use  for https-inspection?

1 Reply

Re: certificate for https-inspection

Hi,

I did had to setup HTTPS inspection and here is the way I did it.

You can use the gaia in expert mode to generate the ssl request with openSSL.

I would refer you to this article where you will find great information regarding the use of openSSL :

   ssl - How to create a self-signed certificate with openssl? - Stack Overflow 

You should use at minimum sha256 and  RSA2048 for the public key.

Also, make sure the key is exported when signing the certificate and get the file as a pkcs12 format if possible.

Make sure the authority is signing the certificate with correct "certificate signing role" becose it will not work.

The certificate need to be consider as an intermediate CA.

Hope it help.